From: "github-actions[bot]" <noreply@github.com>
To: linux-bluetooth@vger.kernel.org
Subject: [bluez/bluez] 340fde: btio: fix range validation of security level
Date: Wed, 09 Jul 2025 06:54:44 -0700 [thread overview]
Message-ID: <bluez/bluez/push/refs/heads/980540/000000-b00403@github.com> (raw)
Branch: refs/heads/980540
Home: https://github.com/bluez/bluez
Commit: 340fde776e00622969c475989ad8a1badc2c075b
https://github.com/bluez/bluez/commit/340fde776e00622969c475989ad8a1badc2c075b
Author: Ismagil Iskakov <i.iskakov@omp.ru>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M btio/btio.c
Log Message:
-----------
btio: fix range validation of security level
Arrays inside l2cap_set_lm/rfcomm_set_lm functions are of size 4,
but the bounds check allows the value 4 for 'level'.
Commit: 29361026d98a59655d4810873a7aff5e5f868d7b
https://github.com/bluez/bluez/commit/29361026d98a59655d4810873a7aff5e5f868d7b
Author: Ismagil Iskakov <i.iskakov@omp.ru>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M profiles/audio/a2dp.c
M profiles/audio/avrcp.c
M profiles/audio/bass.c
Log Message:
-----------
profiles/audio: add nullity checks
Cover bass_setup unsuccessful search and btd_device_get_service.
This change is motivated by the other usages where checks for
NULL exist.
Commit: c653ac1fb8725f9d0a0c3eb0a0a94d4d8365df8d
https://github.com/bluez/bluez/commit/c653ac1fb8725f9d0a0c3eb0a0a94d4d8365df8d
Author: Ismagil Iskakov <i.iskakov@omp.ru>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M src/shared/bap.c
M src/shared/vcp.c
Log Message:
-----------
src/shared: add nullity checks
Check util_iov_pull_mem where iov len is not verified
beforehand. Check vcp_get_vcs for NULL.
These changes are based on other usages where those
checks exist.
Commit: b004030371dbf83e35c4b6638db5cfd289f159ba
https://github.com/bluez/bluez/commit/b004030371dbf83e35c4b6638db5cfd289f159ba
Author: Ismagil Iskakov <i.iskakov@omp.ru>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M obexd/client/transfer.c
Log Message:
-----------
obexd/client: fix err condition causing memleak
transfer_open returns 0 if an error occurs, condition corrected.
Compare: https://github.com/bluez/bluez/compare/340fde776e00%5E...b004030371db
To unsubscribe from these emails, change your notification settings at https://github.com/bluez/bluez/settings/notifications
reply other threads:[~2025-07-09 13:54 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bluez/bluez/push/refs/heads/980540/000000-b00403@github.com \
--to=noreply@github.com \
--cc=linux-bluetooth@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).